[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] --learn-address don't provide IP for dev tap?


  • Subject: Re: [Openvpn-users] --learn-address don't provide IP for dev tap?
  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Thu, 16 Dec 2004 06:49:57 +0100 (CET)

On Wed, 15 Dec 2004, Didier Conchaudron wrote:

The problem is that, in my understanding, I do have to know client IP in tun mode, eq "ifconfig server_ip client_ip". I can't use that way because I can't know the ip address of the incoming clients. I'm not doing pptp.

So my question could be this one: How to use tun mode in order to be able to get several clients without knowing their ip address?

I cc my server config, then you can help me to modify it using tun ;-)

NoNo... You have missunderstood the --ifconfig option in server mode. This only creates a P-t-p used for OpenVPN to communicate with the server host operating system internally. Then --ifconfig-pool is used to assign a /30 subnet to each client.


You never need to know the clients IP address in advance, neither with --dev tun or --dev tap.

Here's a modified version of your config for use with --dev tun.


dev tun

ifconfig 192.168.0.1  192.168.0.2
port 443
proto tcp-server

user nobody
group nobody
persist-key

tls-server
dh dh1024.pem

ca /root/CA/ca.crt
cert /root/CA/certs/server.crt
key /root/CA/private/server.key

crl-verify /root/CA/crl/crl.pem

tls-verify /root/openvpn/x509-verify.pl
auth-user-pass-verify /root/openvpn/user-pass.sh via-env
learn-address /root/openvpn/firewall.pl

status-version 1
status /root/openvpn/sessions-status.log 4

comp-lzo
verb 3

mode server
ifconfig-pool 192.168.0.4 192.168.0.251
route 192.168.0.0 255.255.255.0
push "route 10.8.0.1"
push "redirect-gateway"
push "ip-win32 dynamic"
push "dhcp-option DNS x.x.x.x"
push "dhcp-option DNS y.y.y.y"


-- _____________________________________________________________ Mathias Sundman (^) ASCII Ribbon Campaign OpenVPN GUI for Windows X NO HTML/RTF in e-mail http://www.nilings.se/openvpn / \ NO Word docs in e-mail

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users